Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
File: 16e3842c-0679-4aa3-bd71-e66ff760467d.roa (raw, json)
Hash identifier: OLV/FvT2tm/oq0rpOacrRgo58V4Si+YBGQLpqD0Ymo0=
Subject key identifier: A7:31:45:17:79:E3:CF:87:70:74:2E:04:0D:C3:42:91:CB:89:39:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D0B9EC640D201CDC232FE1CAEB08BBEC2CA7613
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:0b:9e:c6:40:d2:01:cd:c2:32:fe:1c:ae:b0:8b:be:c2:ca:76:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4dd8452ce841929a36171a86fe9feebda04de91cb014402a6a16f547a6c84587, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:57:85:16:3a:3a:ce:0f:ac:44:96:60:f0:fd:
2d:5a:90:30:f9:c6:36:c5:13:ee:a8:b0:19:3a:c9:
4d:df:f2:76:06:7f:ea:2e:6e:81:ea:3c:3e:a5:6b:
dd:0d:8c:7b:ca:62:7c:e6:9e:07:ef:d1:91:fd:47:
2c:c9:c6:47:d1:51:81:9f:a1:e1:60:8e:33:c5:b8:
4d:1c:b6:ea:89:c1:20:8a:93:38:e9:eb:c2:61:47:
38:5f:ea:56:5f:93:6b:9b:d0:d7:46:be:9e:98:5f:
3a:2b:ea:54:df:7c:ad:49:22:30:08:57:04:25:46:
3c:bb:f9:fb:cf:db:5c:ed:b6:ee:c0:51:93:e6:9e:
51:d3:b8:4f:ca:ba:b0:2c:af:4c:94:d6:3c:f6:ea:
ac:b3:1e:16:cd:30:95:5e:b0:6e:dd:02:b7:cb:62:
91:1c:1e:1e:c5:bb:6f:69:df:ac:24:be:a9:11:d2:
20:95:51:39:c2:e0:eb:f5:31:0c:66:27:c6:4b:6f:
f9:f3:6a:7e:71:02:80:3e:4d:c6:9d:c1:dd:64:6e:
c3:89:98:dc:98:03:a7:56:6a:81:37:84:e7:20:f3:
c8:0e:95:9e:9a:95:c5:01:b3:20:82:62:80:e6:c2:
5b:7c:1f:90:b4:b9:a8:c2:7c:cb:0d:88:93:b8:62:
53:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:31:45:17:79:E3:CF:87:70:74:2E:04:0D:C3:42:91:CB:89:39:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:18:65:77:59:a2:b0:09:8b:09:62:30:d3:49:68:d5:b1:9b:
2e:82:59:ea:63:1b:10:1b:3a:5d:14:6a:96:65:08:22:bd:3a:
0c:db:80:93:9e:b5:c6:c4:fa:8a:03:2e:25:7d:51:28:23:47:
ca:8a:5b:ae:b7:a1:ce:f5:c3:a5:cf:91:a2:2a:ef:77:d8:8b:
6b:51:1d:ff:52:82:d6:55:c9:16:89:f7:04:40:8e:63:15:82:
c6:1f:53:9d:d2:ca:d0:46:b1:64:e0:1b:bf:b3:b2:87:18:9c:
66:9c:f1:57:49:9f:95:90:07:dd:ad:c3:38:3b:6b:3e:7d:4f:
4d:65:25:eb:8c:22:de:c6:dc:a7:76:00:2d:13:0e:be:41:91:
f5:37:88:b4:4e:90:9c:53:cd:76:a7:c6:61:d8:24:b4:ae:20:
dc:8c:27:0b:fd:f3:8e:d7:c2:60:47:51:07:e1:b4:10:c8:c6:
d3:98:5d:44:bc:15:5a:22:3c:b3:ca:e5:3a:16:a4:e1:e0:f5:
d8:86:70:4c:6c:28:b6:25:2f:65:c8:32:03:19:46:fe:f8:4a:
45:f2:ca:74:c2:b2:9e:38:0f:86:87:85:9b:66:5b:1e:43:21:
90:ce:15:3b:b9:1b:64:4d:fe:ec:12:bc:19:b8:32:3b:72:4e:
0c:9e:ea:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULQuexkDSAc3CMv4crrCLvsLKdhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkZDg0NTJjZTg0MTkyOWEzNjE3MWE4NmZlOWZlZWJkYTA0ZGU5MWNiMDE0
NDAyYTZhMTZmNTQ3YTZjODQ1ODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpXhRY6Os4PrESWYPD9LVqQMPnGNsUT7qiwGTrJTd/ydgZ/6i5ugeo8PqVr
3Q2Me8pifOaeB+/Rkf1HLMnGR9FRgZ+h4WCOM8W4TRy26onBIIqTOOnrwmFHOF/q
Vl+Ta5vQ10a+nphfOivqVN98rUkiMAhXBCVGPLv5+8/bXO227sBRk+aeUdO4T8q6
sCyvTJTWPPbqrLMeFs0wlV6wbt0Ct8tikRweHsW7b2nfrCS+qRHSIJVROcLg6/Ux
DGYnxktv+fNqfnECgD5Nxp3B3WRuw4mY3JgDp1ZqgTeE5yDzyA6VnpqVxQGzIIJi
gObCW3wfkLS5qMJ8yw2Ik7hiUzcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSnMUUX
eePPh3B0LgQNw0KRy4k5DTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTZlMzg0MmMtMDY3OS00YWEzLWJkNzEtZTY2ZmY3NjA0NjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQCDGGV3WaKwCYsJYjDTSWjVsZsuglnqYxsQGzpdFGqW
ZQgivToM24CTnrXGxPqKAy4lfVEoI0fKiluut6HO9cOlz5GiKu932ItrUR3/UoLW
VckWifcEQI5jFYLGH1Od0srQRrFk4Bu/s7KHGJxmnPFXSZ+VkAfdrcM4O2s+fU9N
ZSXrjCLextyndgAtEw6+QZH1N4i0TpCcU812p8Zh2CS0riDcjCcL/fOO18JgR1EH
4bQQyMbTmF1EvBVaIjyzyuU6FqTh4PXYhnBMbCi2JS9lyDIDGUb++EpF8sp0wrKe
OA+Gh4WbZlseQyGQzhU7uRtkTf7sErwZuDI7ck4MnuqD
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org